A corporation with a large number of Internet of Things (IoT) devices deployed across multiple office locations is reviewing its security architecture to address concerns regarding the unauthorized disclosure of sensitive data collected by these devices. Which of the following security approaches would BEST mitigate this risk?
Enable full disk encryption on all IoT devices to protect data at rest.
Require multi-factor authentication for all users accessing the IoT devices.
Implement network segmentation to restrict IoT traffic to a dedicated portion of the network.
Enable a host-based firewall on each IoT device to prevent unauthorized access.